[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [WEB SECURITY] countermeasure against attacks through HTML shared files



Hi Adrian,

>It would have been cool to mention Microsoft SharePoint as an example of
>a popular file sharing system that allows persistent XSS through shared
>HTML files. i.e.:

Thanks for pointing this out.  I didn't look at SharePoint, actually.  I did look at many others, and didn't find any that took any explicit precautions against XSS through shared files.  But I thought there was no need to mention any names in the paper.

Francisco